<snip> Snort may also be of interest here.
> > You can do it using open-source software as "Bro" (http://bro-ids.org), > it's an open-source, Unix-based Network Intrusion Detection > System (NIDS) that passively monitors network traffic and looks for > suspicious activity. > "Bro" has the "DPD" (dynamic protocol detection) feature and can > reports (confirmed) uses of protocols on non-standard ports. > > Please see : http://www.icir.org/robin/papers/usenix06.pdf for more > informations about this. > > Last thing, it builds and works perfectly on OpenBSD. :-) > > With regards, > > Jean-Philippe.
